floxif | 18f791b8851b6b32962fd8aa02e77fd0d48166b709155f1ce88a8c35313d2e73

General

Target

18f791b8851b6b32962fd8aa02e77fd0d48166b709155f1ce88a8c35313d2e73N.exe
Size

477KB
Sample

250111-cn9neaymez
MD5

85c701e145dfd1fe27f7973602874570
SHA1

baa5d4549aa5997d93b8e01b9d1d0801e31111f1
SHA256

18f791b8851b6b32962fd8aa02e77fd0d48166b709155f1ce88a8c35313d2e73
SHA512

4a367d00966bcc63e220339e917304efeedd6ed2a947e41a5e66d3263a749623104b2f992c1fd4f55622a650b95ac930dce05adf5a96b0602409088b28634ba3
SSDEEP

6144:rFTZXSiC8JxUsJ9iQJCG/VrZxPZug+QqajaDl2DQTrsQvMRlkM4RD/qzMfUc:rFTZnx1eQJCk9PZuf0YtMRGM4h/qofl

Score

10^/10

Malware Config

Targets

- Target
  
  18f791b8851b6b32962fd8aa02e77fd0d48166b709155f1ce88a8c35313d2e73N.exe
- Size
  
  477KB
- MD5
  
  85c701e145dfd1fe27f7973602874570
- SHA1
  
  baa5d4549aa5997d93b8e01b9d1d0801e31111f1
- SHA256
  
  18f791b8851b6b32962fd8aa02e77fd0d48166b709155f1ce88a8c35313d2e73
- SHA512
  
  4a367d00966bcc63e220339e917304efeedd6ed2a947e41a5e66d3263a749623104b2f992c1fd4f55622a650b95ac930dce05adf5a96b0602409088b28634ba3
- SSDEEP
  
  6144:rFTZXSiC8JxUsJ9iQJCG/VrZxPZug+QqajaDl2DQTrsQvMRlkM4RD/qzMfUc:rFTZnx1eQJCk9PZuf0YtMRGM4h/qofl
Score

10^/10

floxif backdoor discovery trojan upx
- Floxif family
  floxif
- Floxif, Floodfix
  Floxif aka FloodFix is a file-changing trojan and backdoor written in C++.
  backdoor trojan floxif
- Detects Floxif payload
  backdoor
- ACProtect 1.3x - 1.4x DLL software
  Detects file using ACProtect software.
- Loads dropped DLL
- Network Service Discovery
  Attempt to gather information on host's network.
  discovery
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Service Discovery

1

T1046

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Floxif family

Floxif, Floodfix

Detects Floxif payload

ACProtect 1.3x - 1.4x DLL software

Loads dropped DLL

Network Service Discovery

UPX packed file

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2